TechByter Worldwide

Speak softly and carry a large microphone

 

May 31, 2015

Can't Install; Can't Uninstall. Now What?

Have you ever tried to install a program or a program update only to be told that there's a problem with the installation? If it's an update, uninstalling the application, reinstalling it, and then applying the update usually resolves the problem. But what if you're also unable to uninstall the application?

I ran into this problem when I was trying to install the latest version of ThumbsPlus for a review. The installer failed. Then the uninstaller failed. Usually this is caused by corruption in the Registry and Microsoft has created a utility that can resolve the problem.

You'll find it here: http://support.microsoft.com/mats/Program_Install_and_Uninstall

The new Fixit utility replaces the earlier Windows Installer Cleanup Utility (MSICUU2.exe), which is no longer supported. If you cannot add, update, or remove a program, Microsoft recommends running this troubleshooter.

Fixit supports even no-longer-supported operating systems such as Windows XP and Vista. It also works with Windows Server 2003 and 2003 R2, Windows Server 2008 and 2008 R2, Windows Server 2012 and 2012 R2, Windows 7, and Windows 8 and 8.1.

Although it can't fix everything, it can fix a lot. For example:

  • Corrupted registry keys on 64-bit operating systems
  • Corrupted registry keys that control the update data
  • Problems that prevent new programs from being installed
  • Problems that prevent existing programs from being completely uninstalled or updated
  • Problems that block you from uninstalling a program through the Add or Remove Programs (or Programs and Features) item in Control Panel

And it fixed the problem with ThumbsPlus, so you can expect a review of the latest version in the next few weeks.

How It Works

Press ESC to close.When you start the program, you'll be prompted to approve running the application with enhanced privileges. This is what allows it to modify the Registry and make other needed changes. If you don't approve it, the process will exit.

You'll need to decide whether you want to allow the troubleshooter to find problems and repair whatever it finds (Microsoft recommends this) or to direct the application to problems you're aware of. That's the option I selected because I wanted the application to look at a specific problem.


Press ESC to close.Taking the user-directed route, you'll need to specify whether you need help installing or removing a program.

Press ESC to close.The application will display a list of all applications that the Windows installer knows about.

In this case, I selected Visual Studio 2010 Prerequisites-English. After uninstalling Visual Studio, I noticed that the computer had problems installing and uninstalling other applications and often referenced resources that weren't present. I used the utility to remove both of the Visual Studio components shown here.


Press ESC to close.You'll see a list of problems that the utility has identified. Anything found will already be checked and unless you have a good reason for removing the check marks, you'll want to retain them and select Next.

Press ESC to close.The utility will go to work. In some cases, this step will take only a minute or two, but I have seen it run for as long as half an hour. When it completes, it will list the problem or problems it found and whether or not it was able to fix them. If you want to see more information about what was done, click "View report details."

Press ESC to close.You'll be asked if the troubleshooter fixed the problem, but the problem with this approach is that you won't know that until you perform additional testing. I always select "I don't know" and move on.

Press ESC to close.Unless you state that the problem has been resolved, you'll see this screen that offers additional online resources. Because the problem has been resolved, just click Cancel.

The troubleshooter can repair only one problem at a time. In this case, I wanted to remove two Visual Studio components, so I had to start the program again and run through all of the initial steps. For this reason, I recommend downloading the troubleshooter to your computer instead of repeatedly running it online.

5 CatsMicrosoft Fixit is free, easy to use, and functional.

If you're having trouble installing or uninstalling a program, Microsoft Fixit is an excellent choice. One of its primary advantages stems from the fact that it is a Microsoft product and who would be likely to know more about how the installer works, what can go wrong, and how to fix problems with it than Microsoft?
I rest my case. Download Microsoft Fixit here. (If you're running the Technical Preview of Windows 10, you won't be able to download Microsoft Fixit.)

Can You Remember Where You Were Born?

Google Security researchers recently presented the results of a study that examines security questions that are employed to validate users' identities. The study raises some disturbing questions about the validity of the questions themselves.

The full research paper is available on the Google Research website.

Some security systems offer a variety of data points the user can select. It's not surprising that few people can remember either their frequent flyer number or their library card number, but I wonder if we shouldn't be concerned about a society in which nearly 20% of the users were unable to remember the city where they were born, almost 25% couldn't remember their father's middle name, more than 30% were unable to recall the name of their childhood best friend, and 33% couldn't name their high school.

Really?

It could be that people selected the question category and then entered a nonsense word thinking that this would make it more difficult for crooks to guess the word. In fact, the reverse is true: People can't remember the bogus word they used and crooks are more likely to be able to guess it.

How did the researchers obtain the raw data? "As part of our constant efforts to improve account security, we analyzed hundreds of millions of secret questions and answers that had been used for millions of account recovery claims at Google. We then worked to measure the likelihood that hackers could guess the answers."

The researchers concluded that secret questions are neither secure nor reliable enough to be used as a standalone account recovery mechanism because they suffer from a fundamental flaw: their answers are either somewhat secure or easy to remember, but rarely both.

"What's your favorite food?" is a question that's easily guessed by crooks. With a single guess, an attacker would have nearly a 20% chance of guessing English-speaking users' answers to the question. (The most common answer is pizza.)

Many users had identical answers to secret questions and that surprised the researchers. Questions such as "What's your phone number?" "What's your frequent flyer number?" often have bogus answers. Nearly 40% of people who select these questions provide false answers to their questions thinking this will make them harder to guess. The researchers says that this ends up backfiring because people choose the same false answers and that actually increases the likelihood that an attacker can break in.

Would Adding More Questions Help?

Of course, it's harder to guess the right answer to two or more questions, as opposed to just one. However, adding questions reduces the chance that people will be able to remember their own answers.

According to the research data, the easiest question is "What city were you born in?" and the second easiest question is "What is your father's middle name?". If these question are asked in tandem, about 25% of users will fail to recall the right answers. The combination, though, would seriously reduce attackers' ability to provide the right answer: With 10 answers, they have about a 7% chance to get the first answer and a 15% chance to get the second answer. If I understand the mathematics here, if the crook had 100 chances, he would have a about a 0.6% chance to guess both answers.

That actually seems like a good choice. It doesn't substantially reduce the chances for a legitimate user while nearly eliminating a crooks' opportunity to guess the right answers.

The researchers, however, concluded: "Piling on more secret questions makes it more difficult for users to recover their accounts and is not a good solution, as a result."

What is the Solution?

The report notes that secret questions have long been a staple of authentication and account recovery online, but that its important for users and site owners to think twice about these.

The researchers "strongly encourage Google users to make sure their Google account recovery information is current. You can do this quickly and easily with our Security Checkup. For years, we've only used security questions for account recovery as a last resort when SMS text or back-up email addresses don’t work and we will never use these as stand-alone proof of account ownership."

In parallel, site owners should use other methods of authentication, such as backup codes sent via SMS text or secondary email addresses, to authenticate their users and help them regain access to their accounts. These are both safer, and offer a better user experience.

Android Lollipop Could Be Detrimental to Your Data Plan

Because I am almost always within range of a Wi-Fi signal and, when I'm not, I rarely need data services, I signed up for the smallest possible data plan (500MB) from my provider and rarely use even half of that. So I was a bit surprised when the smart phone warned me that I had used 400MB of the data plan.

The phone had recently been updated to the latest version of the operating system (Lollipop), so that was naturally the first suspect. It took only a few minutes and minimal research to confirm that suspicion.

Press ESC to close.In fact, a cursory glance around the Internet suggests that this problem is surprising a lot of people, and not in a happy way. One user who has a 1GB/month plan saw more than half of his data plan consumed within just a few days. After updating the operating system, one might reasonably expect that most of the installed apps will need to be upgraded, too, but why are they being updated via the data plan and not Wi-Fi?

I found lots of images like the one at the right and a lot of very unhappy people posting those images.

Press ESC to close.Here's my own version of the image. I have a warning set at 345MB and it's clear from the graph that, had data usage continued normally until the end of the billing period, the final number would be under the warning mark and well under the limit. Acceleration occurred the day the system was upgraded to Lollipop and the slope of the line makes it equally clear that I would exceed my data plan's limit more than a week before the end of the billing cycle.

Press ESC to close.Initially, I misread a data value attributed to Avast's backup system and thought that it was the primary culprit even though I had told it to perform backups only when connected by Wi-Fi.

In fact, that was happening and everything was working as expected. Well, almost everything ...

Press ESC to close.It seems that Avast has secretly mastered time travel and plans to back up my data 4 days in the past.

That elicited a chuckle (perhaps you're amused, too), but I wanted to get back to the problem at hand, so I elected to skip an investgation into Avast's ability to make backups in the past.

Press ESC to close.The Data Usage panel shows the amount of data each application has used during the period.

  • Android Core Apps: 125MB (one quarter of my data plan!)
  • Amazon.com: 42MB
  • K-9 Mail: 38MB
  • Google Play Services: 30MB
  • Facebook: 23MB
  • Android OS: 22MB
  • Avast Mobile Security (backup): 22MB

Clearly Android is the worst offender.

Press ESC to close.To see when the problem started and which application is responsible, it's possible to view each individual application's data usage by day. Here, for example, you can see that Facebook started using more data on the day Lollipop was installed, but that was a one-day event.

Press ESC to close.The same is true for Amazon. Probably the Amazon application needed to be updated to work properly with Lollipop. There was a brief surge of usage and then nothing more. Why, though, did it download using the data plan when my phone is connected via Wi-Fi for at least 22 hours every day and usually 23?

Press ESC to close.But look what Android Core Apps are doing! There's a surge on the day Lollipop was installed and data usage just continues to increase. This is unacceptable.

This is extremely poor behavior and Google should know better!

Press ESC to close.There are two possible approaches to fixing the problem (other than throwing the phone into a trash can and going back to wired phones): One could be referred to as the dynamite approach and the other might be called the fly-swatter approach. Both are controlled in the Data Usage section of the Control Panel.

  • The dynamite approach: "Restrict Background Data" turn off all, or virtually all, background data transfer via the data plan. This would penalize well-behaved applications in addition to curtailing data use. That's probably the first option most people will see, but it seems like a bad choice.
  • The fly-swatter approach: Nearly every application has settings either within its own properties panel or in the Data Usage section of the Control Panel where background data transfer can be turned off. The worst actor was Android itself (thanks Google!) so that's where concentrated the fly swatter.


There is no reason why Android Core Apps should be consuming data plan resources when the phone is within range of a Wi-Fi signal 23 hours almost every day. The same is true for all of the other services: I don't need e-mail or Facebook while I'm driving. Backups are supposed to happen only when the phone is connected via Wi-Fi. I've downloaded one small book from Amazon -- hardly 42MB. The Play Store usage probably represents updates, but why are these being conducted via the data plan?

I scrolled through each of those applications and selected the "Restrict Background Data" setting for that application. I'll probably roll that back and retain the restriction only for the badly behaved Android Core Apps. The change appears to have stanched the bleeding of data. Usage has leveled off and I'll finish the month with some of the plan to spare.

Short Circuits

Going Where the Locals Go

Technology can come to the rescue for those who prefer to eat and drink in the places the locals patronize when they're traveling. Finding those places is usually the problem. I always feel sad when somebody explains that they ate only at chain restaurants when they were in New York City.

Localeur might be able to help, but only if you have an Apple phone or tablet. Android versions don't yet exist.

Travelers who are looking for authentic local experiences may already have Localeur on their devices, but a new version expands that application. Co-founder Chase White says version 2.3 builds on the application's first 2 years in which it built a foundation of recommendations "from Millennial locals." I wonder if that means that Boomers and Gen-Xers can't use the application. Says Chase White, "Travel will never be the same." That might be a bit of hyperbole.

The app has more than 6000 recommendations for places to eat, drink, and play in 14 cities (Atlanta, Austin, Chicago, Dallas, Denver, Houston, Los Angeles, Miami, New Orleans, New York City, Portland, San Francisco, Seattle, and Washington). Localeur now has about 500,000 users, which represents 500% growth since the start of the year.

The application was introduced in 2013 at SXSW in Austin and was named the year's best new startup by Austin Monthly subscribers. You'll find the application in the Apple Store.